The Hacker News Logo
Subscribe to Newsletter

Burp Suite Pro v1.4.03 released - CSRF generator, SSL strip Added

Burp Suite Pro v1.4.03 released - CSRF generator, SSL strip Added

There is a new CSRF generator, which produces proof-of-concept HTML for generating virtually any HTTP request. You can access this feature by right-clicking any item within Burp, and using the engagement tools context menu to select "generate CSRF PoC".
Some useful features are:
  • Support for all form encoding types: standard URL encoding, multipart encoding, and plain text encoding.
  • Auto-detection of the optimal encoding type, with manual override.
  • Ability to edit both the request and response in-place, to fine tune attacks.
  • In-browser testing, by pasting a URL into your browser that will cause Burp Proxy to serve up the CSRF PoC in its response.

Have something to say about this article? Comment below or share it with us on Facebook, Twitter or our LinkedIn Group.
SHARE
Comments
Latest Stories
Best Deals

Newsletter — Subscribe for Free

Join over 500,000 information security professionals — Get the best of our cyber security coverage delivered to your inbox every morning.